mpv
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | a free, open source, and cross-platform media player |
| Version | 1:0.33.1-2 [community] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1821 | 1:0.33.0-4 | 1:0.33.1-1 | Medium | Fixed | |
| AVG-605 | 1:0.27.0-6 | 1:0.27.1-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-30145 | AVG-1821 | Medium | No | Arbitrary code execution | A security issue was found in mpv before version 0.33.1. An unverified format string, provided by the user as part of mf:// URI, could result in undefined... |
| CVE-2018-6360 | AVG-605 | High | Yes | Arbitrary code execution | mpv allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 13 Feb 2018 | ASA-201802-7 | AVG-605 | High | arbitrary code execution |